技能 ai-music 审计历史

🎵

审计历史

ai-music - 2 审计

审计版本 2

最新低风险

Jun 3, 2026, 09:48 AM

The skill is a well-documented router for the legitimate RunComfy CLI music generation service. All 72 'backtick execution' detections are false positives—they are markdown code blocks showing `runcomfy run` command examples in documentation. The 23 'hardcoded URLs' are documentation links to runcomfy.com, skills.sh, and example placeholder URLs. The 'hidden file' detection at line 259 is the documented token storage location (~/.config/runcomfy/token.json). The 'weak cryptographic algorithm' detections are false positives triggered by non-crypto content. The skill has transparent security practices: scope-restricted bash access (Bash(runcomfy *)), documented network allowlist, and warnings about prompt injection from third-party audio sources.

1

已扫描文件

276

分析行数

5

发现项

claude

审计者

低风险问题 (2)

Bash command scope requires user trust in runcomfy CLI

The skill declares `allowed-tools: Bash(runcomfy *)`, granting permission to run any runcomfy subcommand. This is a scoped permission but still requires the user to trust the @runcomfy/cli npm package. The skill documents this clearly and provides security guidance.

Token stored in filesystem by CLI

The runcomfy CLI stores API tokens at ~/.config/runcomfy/token.json with mode 0600. This is a standard CLI pattern but the skill documentation notes users can use RUNCOMFY_TOKEN env var to avoid file storage. Risk is minimal and transparently documented.

风险因素

⚙️ 外部命令 (8)

SKILL.md:34-36 SKILL.md:42-45 SKILL.md:49-51 SKILL.md:55-59 SKILL.md:107-114 SKILL.md:127-135 SKILL.md:143-153 SKILL.md:161-171

🌐 网络访问 (5)

SKILL.md:22 SKILL.md:30 SKILL.md:146 SKILL.md:164 SKILL.md:232-235

📁 文件系统访问 (1)

审计版本 1

低风险

Jun 3, 2026, 09:48 AM

The skill is a well-documented router for the legitimate RunComfy CLI music generation service. All 72 'backtick execution' detections are false positives—they are markdown code blocks showing `runcomfy run` command examples in documentation. The 23 'hardcoded URLs' are documentation links to runcomfy.com, skills.sh, and example placeholder URLs. The 'hidden file' detection at line 259 is the documented token storage location (~/.config/runcomfy/token.json). The 'weak cryptographic algorithm' detections are false positives triggered by non-crypto content. The skill has transparent security practices: scope-restricted bash access (Bash(runcomfy *)), documented network allowlist, and warnings about prompt injection from third-party audio sources.

1

已扫描文件

276

分析行数

5

发现项

claude

审计者

低风险问题 (2)

Bash command scope requires user trust in runcomfy CLI

The skill declares `allowed-tools: Bash(runcomfy *)`, granting permission to run any runcomfy subcommand. This is a scoped permission but still requires the user to trust the @runcomfy/cli npm package. The skill documents this clearly and provides security guidance.

Token stored in filesystem by CLI

The runcomfy CLI stores API tokens at ~/.config/runcomfy/token.json with mode 0600. This is a standard CLI pattern but the skill documentation notes users can use RUNCOMFY_TOKEN env var to avoid file storage. Risk is minimal and transparently documented.

风险因素

⚙️ 外部命令 (8)

SKILL.md:34-36 SKILL.md:42-45 SKILL.md:49-51 SKILL.md:55-59 SKILL.md:107-114 SKILL.md:127-135 SKILL.md:143-153 SKILL.md:161-171

🌐 网络访问 (5)

SKILL.md:22 SKILL.md:30 SKILL.md:146 SKILL.md:164 SKILL.md:232-235

📁 文件系统访问 (1)

← 返回技能